Date header missing from the Switch signature in timeout scenario #1709

Closed
5 tasks done
sri-miriyala opened this issue Sep 17, 2020 · 5 comments

sri-miriyala commented Sep 17, 2020

Summary:
When we validated the timeout scenario after the JWS signature generation capability in switch, we found that the Date header is missing from the protected headers.
Severity:
High
Priority:
Critical
Expected Behavior
The JWS signature should contain the Date header in protected headers.

Steps to Reproduce

Send POST /quotes request from happy path

Send POST /transfers request from happy path by modifying the transferExpiration from the pre-request script. Change that to 1.2 sec instead of 60 sec like below.
pm.environment.set("transferExpiration",new Date(new Date().getTime() + 1200))

Check the logs at payerfsp, payeefsp

Response:
{
"headers": {
"host": "dev1-sim-payerfsp.mojaloop.live",
"connection": "close",
"x-request-id": "a96198f184a6bebc442796f1c7b94afa",
"x-real-ip": "10.1.2.224",
"x-forwarded-for": "10.1.2.224",
"x-forwarded-host": "dev1-sim-payerfsp.mojaloop.live",
"x-forwarded-port": "80",
"x-forwarded-proto": "http",
"x-original-uri": "/sim/payerfsp/inbound/transfers/4f1c5723-c62b-4204-b4b4-93fc06916af7/error",
"x-scheme": "http",
"content-length": 84,
"content-type": "application/vnd.interoperability.transfers+json;version=1.0",
"accept": "application/vnd.interoperability.transfers+json;version=1.0",
"fspiop-destination": "payerfsp",
"date": "Tue, 15 Sep 2020 18:08:30 GMT",
"fspiop-source": "switch",
"fspiop-http-method": "PUT",
"fspiop-uri": "/transfers/4f1c5723-c62b-4204-b4b4-93fc06916af7/error",
"fspiop-signature": "{"signature":"LO4WH3XpelRSM5uE18PLW8tqMDKbzv4WqznTWsxNfMdmmDjWwhPGVdoLuvrhXBA1z34LK3b3N2McOm9tAUL9wFz-Y3qHOo1dBztFqJDqqc1wRAoJ-FQOHiQu2HiUeBEaH3i9tEZWANf_UUJl9PRM-8LU8sH6qjW5nbxEaXwGLsa_-AwNr0KO_OEQRkqyRhFAK1wCmlBST3f_0bey6JOAV1XE9vdI1Ej4NvZ8vfhMGxN4SJhGp-UB3MK7IuK90zXJcZPeHME2OUcle-wr2adcnGxX_1yVz1IneE_ltitcIGAnS648kIB9DTV_AqRBqqx-b_CEFh0VIZwSAapVOuVddA","protectedHeader":"eyJhbGciOiJSUzI1NiIsIkZTUElPUC1VUkkiOiIvdHJhbnNmZXJzLzRmMWM1NzIzLWM2MmItNDIwNC1iNGI0LTkzZmMwNjkxNmFmNy9lcnJvciIsIkZTUElPUC1IVFRQLU1ldGhvZCI6IlBVVCJ9"}",
"traceparent": "00-de64620a0f4d8bd80ed262e2b78d739a-1db745b8b7007ca0-00",
"tracestate": "mojaloop=eyJzcGFuSWQiOiIxZGI3NDViOGI3MDA3Y2EwIn0=",
"user-agent": "axios/0.19.2"
},
"data": {
"errorInformation": {
"errorCode": "3300",
"errorDescription": "Generic expired error"
}
}
}


Specifications

Component (if known): ml-api-adapter, CL
Version: ml-api-adapter is 11.0.3, CL : 10.6.1
Platform: Mac
Subsystem: Mojaloop
Type of testing: Feature
Bug found/raised by: Sri & Egor

  • Severity when opened:
  • Priority when opened:

Note:

  • timeout handler (cron job) -> positions queue with state set as 'TIMEOUT-RESERVED' -> position handler -> notification handler topic; notification handler sends notification to payer with headers.
  • protected header is obtained by decoding using base64 the "fspiop-signature". The signing happens in the ML-API-adapter

Tasks:

  • Investigate what needs to be done to fix this.

Pull Requests

@elnyry-sam-k elnyry-sam-k added the oss-core This is an issue - story or epic related to a feature on a Mojaloop core service or related to it label Sep 17, 2020
@amarmodus

amarmodus commented Sep 21, 2020

Date header missing in protected headers

Run fulfil-reserved-v1.0 in GP Mojasim collection

{
   "headers":{
      "host":"dev1-sim-payerfsp.mojaloop.live",
      "connection":"close",
      "x-request-id":"cd9602d40606648ede85e2183a050785",
      "x-real-ip":"10.1.2.224",
      "x-forwarded-for":"10.1.2.224",
      "x-forwarded-host":"dev1-sim-payerfsp.mojaloop.live",
      "x-forwarded-port":"80",
      "x-forwarded-proto":"http",
      "x-original-uri":"/sim/payerfsp/inbound/transfers/861e272a-4f81-4979-b03e-eae378cc83d2/error",
      "x-scheme":"http",
      "content-length":84,
      "content-type":"application/vnd.interoperability.transfers+json;version=1.0",
      "accept":"application/vnd.interoperability.transfers+json;version=1.0",
      "date":"Mon, 21 Sep 2020 21:35:15 GMT",
      "fspiop-http-method":"PUT",
      "fspiop-uri":"/transfers/861e272a-4f81-4979-b03e-eae378cc83d2/error",
      "fspiop-source":"switch",
      "fspiop-destination":"payerfsp",
      "fspiop-signature":"{\"signature\":\"kldWLw8cI7G9WVUOqUbAp9WgwZsnL1l2Vw6De9YyPmFD7oNQq-Gy7qOsFQLogONzU-KFBRC_2pWV-ktNpUswwPYhX0x9ObKL3YFKqwEKifMa3oefm3267AeMREFtXMNidsdyzrArz6hyY9xmUqT3hghEbUCKe5smSjl9gXxpWkpuXJXuJT35MXUFVFdKOKZzlzFwS0kvSbhxA2MsHRvx6WhbZUCKmK9bXtamdv0dNt_tJIL1eNdZZU69sIDy35RCngAchQfme31fR60hQQroev3b5RznAqe-o6C_KKXZdxM1HdstHyBljl6O3iuteJFESB4HCoAOjfWw0Zkq10MB8w\",\"protectedHeader\":\"eyJhbGciOiJSUzI1NiIsIkZTUElPUC1VUkkiOiIvdHJhbnNmZXJzLzg2MWUyNzJhLTRmODEtNDk3OS1iMDNlLWVhZTM3OGNjODNkMi9lcnJvciIsIkZTUElPUC1IVFRQLU1ldGhvZCI6IlBVVCIsIkZTUElPUC1Tb3VyY2UiOiJzd2l0Y2giLCJGU1BJT1AtRGVzdGluYXRpb24iOiJwYXllcmZzcCJ9\"}",
      "traceparent":"00-b7ad9dd13efbc1437ecd7916e4d505d1-6802f586a57929c6-00",
      "tracestate":"mojaloop=eyJzcGFuSWQiOiI2ODAyZjU4NmE1NzkyOWM2In0=",
      "user-agent":"axios/0.20.0"
   },
   "data":{
      "errorInformation":{
         "errorCode":"3300",
         "errorDescription":"Generic expired error"
      }
   }
}

@amarmodus amarmodus self-assigned this Sep 21, 2020
@sri-miriyala

sri-miriyala commented Sep 22, 2020

@amarmodus the error you are seeing is different.
Can you please try giving numbers between 1200 and 2000 in the "pm.environment.set("transferExpiration",new Date(new Date().getTime() + 1200))" from pre-req scripts, so that the error should be coming as expired after it has entered into the switch.
There is a sim rule on our side to check this but somehow it is not working in OSS envs. Need to check if the rule is present or not. But to check that, please try different numbers between 1200 and 2000, until you see 3300 - Generic expired error.
Also we were talking about the date header in the signature protected headers. For that you need to decode the protected headers part of the signature using base64.

@amarmodus

@sri-miriyala - updated my previous comment & log (this is the same as #1710 replication of bug) - the condition is replicated in one of the tests from the GP test collection. In P2P happy path, with transferExpiration between 1200 and 2000, I could only see

"data":{"errorInformation":{"errorCode":"3100","errorDescription":"Generic validation error - invalid fulfilment"}}}

for less than 1200 getting

"errorCode":"3100","errorDescription":"Generic validation error - Expiration date 2020-09-22T09:31:58.859Z is already in the past"}

@amarmodus

https://www.base64decode.org/ - decoded protected header

eyJhbGciOiJSUzI1NiIsIkZTUElPUC1VUkkiOiIvdHJhbnNmZXJzLzg2MWUyNzJhLTRmODEtNDk3OS1iMDNlLWVhZTM3OGNjODNkMi9lcnJvciIsIkZTUElPUC1IVFRQLU1ldGhvZCI6IlBVVCIsIkZTUElPUC1Tb3VyY2UiOiJzd2l0Y2giLCJGU1BJT1AtRGVzdGluYXRpb24iOiJwYXllcmZzcCJ9

{"alg":"RS256","FSPIOP-URI":"/transfers/861e272a-4f81-4979-b03e-eae378cc83d2/error","FSPIOP-HTTP-Method":"PUT","FSPIOP-Source":"switch","FSPIOP-Destination":"payerfsp"}
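The manual decode above can be turned into a repeatable check; a header that is absent from the protected header is not covered by the JWS signature, so a receiver cannot detect changes to it. The following Node.js sketch is an added example, not code from ml-api-adapter or the Mojaloop project: it decodes `protectedHeader` from a logged `fspiop-signature` value and reports HTTP headers that are missing from it or differ from it. The `MIRRORED` list, the function names and the dummy signature are assumptions made for this example; the header values are copied from the log in this thread.

```javascript
// Headers expected to be mirrored in the JWS protected header whenever they are
// present on the HTTP message (assumption for this example, see lead-in).
const MIRRORED = ['fspiop-uri', 'fspiop-http-method', 'fspiop-source',
  'fspiop-destination', 'date'];

function b64urlDecode(s) {
  return Buffer.from(s.replace(/-/g, '+').replace(/_/g, '/'), 'base64').toString('utf8');
}

function b64urlEncode(s) {
  return Buffer.from(s, 'utf8').toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
}

// HTTP header names are case-insensitive, so compare on lower-cased keys.
function lowerKeys(obj) {
  const out = {};
  for (const [k, v] of Object.entries(obj)) out[k.toLowerCase()] = v;
  return out;
}

// Compare the decoded protected header with the HTTP headers of one callback.
// This does NOT verify the signature; it only reports coverage gaps.
function auditProtectedHeader(httpHeaders) {
  const http = lowerKeys(httpHeaders);
  const sig = JSON.parse(http['fspiop-signature']);
  const decoded = JSON.parse(b64urlDecode(sig.protectedHeader));
  const prot = lowerKeys(decoded);
  const missing = [];
  const mismatched = [];
  for (const name of MIRRORED) {
    if (!(name in http)) continue;            // nothing to mirror
    if (!(name in prot)) missing.push(name);  // sent but not signed
    else if (String(prot[name]) !== String(http[name])) mismatched.push(name);
  }
  return { decoded, missing, mismatched };
}

// Constructed sample: header values copied from the log above, dummy signature.
function constructedCallback(protectedObj) {
  return {
    date: 'Mon, 21 Sep 2020 21:35:15 GMT',
    'fspiop-http-method': 'PUT',
    'fspiop-uri': '/transfers/861e272a-4f81-4979-b03e-eae378cc83d2/error',
    'fspiop-source': 'switch',
    'fspiop-destination': 'payerfsp',
    'fspiop-signature': JSON.stringify({
      signature: 'constructed-placeholder',
      protectedHeader: b64urlEncode(JSON.stringify(protectedObj)),
    }),
  };
}

// Protected header as decoded in the comment above (no Date entry).
const asLogged = { alg: 'RS256', 'FSPIOP-URI': '/transfers/861e272a-4f81-4979-b03e-eae378cc83d2/error',
  'FSPIOP-HTTP-Method': 'PUT', 'FSPIOP-Source': 'switch', 'FSPIOP-Destination': 'payerfsp' };
console.log(auditProtectedHeader(constructedCallback(asLogged)));
```

Run against the logged message, the audit lists `date` under `missing`; once the signer includes `Date`, both lists are empty.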

@elnyry-sam-k

Thanks @amarmodus

mdebarros added a commit to mojaloop/helm that referenced this issue Nov 25, 2020
## Helm release changes

### 1. Maintenance updates
1. GitHub issue: mojaloop/project#1617
2. FSP Interoperability API v1.1 Swagger file used from here: https://github.com/mojaloop/mojaloop-specification/tree/master/documents/v1.1-document-set
3. For breaking changes, please review the "Breaking Changes" section below for Mojaloop Helm v11.0.0
4. Notes on simulators 
	- [Mojaloop-Simulator](https://github.com/mojaloop/mojaloop-simulator) is enabled by default (six instances used). 
	- Ensure that correct Postman Scripts are used if you wish to test against the Mojaloop-Simulators:
        	-  A single MojaSim collection is now available after reconciliation between two collections that existed previously.
        	- Setup Mojaloop Hub : [MojaloopHub_Setup](https://github.com/mojaloop/postman/blob/master/MojaloopHub_Setup.postman_collection.json)
        	- Setup Mojaloop Simulators for testing : [MojaloopSims_Onboarding](https://github.com/mojaloop/postman/blob/master/MojaloopSims_Onboarding.postman_collection.json)
        	- Golden path tests: [Golden_Path_Mojaloop](https://github.com/mojaloop/postman/blob/master/Golden_Path_Mojaloop.postman_collection.json)
	- Legacy Simulators are still required and deployed by default; disabling this will cause issues since there is Account Lookup directory mocking functionality in this service. To run Golden path tests using the Legacy simulator:
                - Setup Mojaloop Hub, test FSPs : [ML_OSS_Setup_LegacySim](https://github.com/mojaloop/postman/blob/master/ML_OSS_Setup_LegacySim.postman_collection.json)
        	- Golden path tests: [ML_OSS_Golden_Path_LegacySim](https://github.com/mojaloop/postman/blob/master/ML_OSS_Golden_Path_LegacySim.postman_collection.json)
	- In order to run the Legacy Simulator postman collection or the Mojaloop-Simulator collection, their corresponding setup collection needs to be run first; this can be done without redeployment.
5. Upgrades to all core and supporting services to support 11.0.0 release _(see Application versions and release notes below)_
6. The current Golden Path collection expects
 `quoting-service.config.simple_routing_mode_enabled` to be set to `false` to get 100% pass-rate, if this flag is disabled, there will be failures in several quoting-service tests (7 expected failures). This command can be used to override the default config: `helm install moja ./mojaloop/ -n demo --set quoting-service.config.simple_routing_mode_enabled=false`
7. Along with this configuration for on-us transfers is disabled on both default deployments and postman (ON_US_TRANSFERS_ENABLED on postman) collections.
8. Moving to SemVer as the standard is now adopted. This will start with v11.0.0 and follow the general semantic versioning guidance after that.
9. Updated Promfana chart with "Prometheus: v2.20.1; Grafana: v7.1.1"
10. Updated EFK chart with “appVersion: "elasticsearch: 7.7.1; kibana: 7.7.1; apm-server: 7.7.1; fluentd-elasticsearch: 3.0.4"
11. Charts now support deployments on Kubernetes v1.16.x onwards - Fix for issue #219
12. Removed deprecated ingress-nginx chart (#350). Please use [Nginx official chart](https://docs.nginx.com/nginx-ingress-controller/installation/installation-with-helm/).
13. Updated official Helm repo URIs for stable & incubator dependencies and documentation: 
	- Stable: https://kubernetes-charts.storage.googleapis.com/ --> https://charts.helm.sh/stable
	- Incubator: http://storage.googleapis.com/kubernetes-charts-incubator --> https://charts.helm.sh/incubator
13. Updated `innodb_flush_log_at_trx_commit` to the value of `1` for MySQL servers to ensure ACID compliance (ref: https://dev.mysql.com/doc/refman/5.7/en/innodb-parameters.html#sysvar_innodb_flush_log_at_trx_commit)
14. Renamed Central-Event-Processor's (CEP) MongoDB instance dependency to: `nameOverride: cep-mongodb`. This will ensure that the CEP has its own MongoDB instance.
15. Renamed Mojaloop-Self-Testing-Toolkit's (TTK) MongoDB instance dependency to: `nameOverride: ttk-mongodb`. This will ensure that the TTK has its own MongoDB instance.


### 2. New Features
1. Along with changes from v10.4.0 related to the version v1.1 of the Mojaloop FSP Interoperability API, additional follow-up changes are implemented and a few fixes made. The changes are listed in the [tracking issue](mojaloop/mojaloop-specification#52) of the specification and there is additional context offered [here](https://mojaloop.io/mojaloop-fsp-interoperability-api-version-1-1/). Epic: mojaloop/project#1333
2. Added TTK CLI chart to ml-testing-toolkit (#380).
3. Added the option to pass a template as the rules.json (#353) in quoting service
4. Updates for bulk transfers support in MojaSims/Scheme-Adapter (mojaloop/project/issues/1386)
5. Added charts for bulk-get-handler: mojaloop/project/issues/1496
6. Package development versions (#354)
7. Update helm charts to support kubernetes deployments 1.15 and later versions: mojaloop/project/issues/1463 (PR#349)
8. Added TTK CLI chart to ml-testing-toolkit (#380)
9. Modified the testing toolkit CLI chart to enable scheduling (#381)


### 3. Bug Fixes
1. Incorrect error behaviour on transfer fulfilment with future timestamp [1708](mojaloop/project#1708)
2. ACCEPT header returned in the PUT from switch for the timeout scenario [1710](mojaloop/project#1710) 
3. Date header missing from the Switch signature in timeout scenario [1709](mojaloop/project#1709)  
4. Valid transactionRequests callback in SDK responding with error response [1647](mojaloop/project#1647)  
5. Support test currencies XXX, XTS in ml-api-adapter [1652](mojaloop/project#1652)

## 4. Application versions
Application versions that are supported for this update:
1. ml-api-adapter: v10.5.0 -> **v11.1.2**
2. central-ledger: v10.5.1 -> **v11.3.1**
3. account-lookup-service: v10.4.2 -> **v11.1.2**
4. quoting-service: v10.5.5 -> **v11.1.4**
5. central-settlement: **v10.5.0** (no change)
6. central-event-processor: **v10.5.0** (no change)
7. bulk-api-adapter: v10.5.0 -> **v11.0.2**
8. email-notifier: **v9.5.0** (no change)
9. als-oracle-pathfinder: v9.4.0 --> **v10.2.0**
10. transaction-requests-service: v10.4.0 -> **v11.1.2**
11. finance-portal-ui: **v10.4.0** (no change)
12. finance-portal-backend-service: **v10.4.0** (no change)
13. settlement-management: **v8.8.2** (no change)
14. operator-settlement: **v9.2.1**  (no change)
15. event-sidecar: **v9.5.1**  (no change)
16. event-stream-processor: **v9.5.0-snapshot**
17. simulator: v10.5.3 -> **v11.0.2**
18. mojaloop-simulator: v10.4.1 -> **v11.2.1**
19. sdk-scheme-adapter: v10.5.0 -> **v11.8.0**
20. ml-testing-toolkit: v10.4.1 -> **v11.5.0**
21. ml-testing-toolkit-ui: v10.4.1 -> **v11.5.0**
22. ml-testing-toolkit-cli: **v11.3.0** (new)
 
## 5. Application release notes
1. ml-api-adapter - https://github.com/mojaloop/ml-api-adapter/releases/tag/v11.1.2
2. central-ledger - https://github.com/mojaloop/central-ledger/releases/tag/v11.3.1
3. account-lookup-service - https://github.com/mojaloop/account-lookup-service/releases/tag/v11.1.2
4. quoting-service - https://github.com/mojaloop/quoting-service/releases/tag/v11.1.4
5. central-settlement- https://github.com/mojaloop/central-settlement/releases/tag/v10.5.0
6. central-event-processor - https://github.com/mojaloop/central-event-processor/releases/tag/v10.5.0
7. bulk-api-adapter - https://github.com/mojaloop/bulk-api-adapter/releases/tag/v11.0.2
8. email-notifier - https://github.com/mojaloop/email-notifier/releases/tag/v9.5.0
9. als-oracle-pathfinder - https://github.com/mojaloop/als-oracle-pathfinder/releases/tag/v10.2.0
10. transaction-requests-service - https://github.com/mojaloop/transaction-requests-service/releases/tag/v11.1.2
11. finance-portal-ui - https://github.com/mojaloop/finance-portal-ui/releases/tag/v10.4.0
12. finance-portal-backend-service - https://github.com/mojaloop/finance-portal-backend-service/releases/tag/v10.4.0
13. settlement-management - https://github.com/mojaloop/settlement-management/releases/tag/v8.8.2
14. operator-settlement - https://github.com/mojaloop/operator-settlement/releases/tag/v9.2.1
15. event-sidecar - https://github.com/mojaloop/event-sidecar/releases/tag/v9.5.1
16. event-stream-processor - https://github.com/mojaloop/event-stream-processor/releases/v9.5.0-snapshot
17. simulator - https://github.com/mojaloop/simulator/releases/tag/v11.0.2
18. mojaloop-simulator - https://github.com/mojaloop/mojaloop-simulator/releases/tag/v11.2.1
19. sdk-scheme-adapter - https://github.com/mojaloop/sdk-scheme-adapter/releases/tag/v11.8.0
20. ml-testing-toolkit - https://github.com/mojaloop/ml-testing-toolkit/releases/tag/v11.5.0
21. ml-testing-toolkit-ui - https://github.com/mojaloop/ml-testing-toolkit-ui/releases/tag/v11.5.0
22. ml-testing-toolkit-cli - https://github.com/mojaloop/ml-testing-toolkit-ui/releases/tag/v11.3.0
 
## 6. Operational Chart versions
- EFK: **v7.1.0**  -> **v11.0.0**
- Promfana: **v8.4.0** -> **v11.0.0**

## 7. Breaking changes
- Helm release v10.4.0 is not upgradable to v11.0.0 - mojaloop/project#1759

## 8. Known Issues
- Proposal to remove external dependencies from Mojaloop Helm Charts - mojaloop/design-authority-project#69 **(_Note: this will be a breaking change in the next major release_)**
- ~Testing Toolkit Post-Hook Install tests are not compatible with Postman (_Note: this will not impact default installations_) - mojaloop/project#1864


## 9. Contributors:

- Contributing organizations: BMGF, CrossLake, MBX 
- Crosslake: @lewisdaly
- ModusBox: @amarmodus, @elnyry-sam-k , @mdebarros, @oderayi, @rmothilal , @vgenev , @vijayg10, @msk-, @vbarzokas, @aaronreynoza, @KamuelaFranco
- Individuals:  @vorburger
_Note: companies in alphabetical order_

---
## PR Dependencies
- mojaloop/project#1866
- mojaloop/postman#188